NIST Official: Industry, Government Should Collaborate to Secure Software
Ron Ross, a National Institute of Standards and Technology fellow and leader of a new DevSecOps project, has stressed the importance of industry validating the presence and effectiveness of security features in its software.
During an Advanced Technology Academic Research Center event on DevOps, Ross said the adoption of DevOps and DevSecOps in software development should be done routinely so it becomes institutionalized and operationalized across the entire federal government. Ross explained that it would be a win-win for industry and the government if companies develop software at their own pace while assuredly integrating security capabilities, Fifth Domain reported.
Ross considered industry a critical partner in the transition to DevOps and DevSecOps, since it is responsible for making sure that security controls are in place so federal customers need not worry about risks.
The NIST fellow added that agencies should take a holistic approach in implementing DevSecOps, which includes efforts like stopping cyberattacks, limiting damage and increasing cyber resiliency.